diff --git a/projects/frr/Dockerfile b/projects/frr/Dockerfile
new file mode 100644
index 000000000..3286cc63e
--- /dev/null
+++ b/projects/frr/Dockerfile
@@ -0,0 +1,30 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+FROM gcr.io/oss-fuzz-base/base-builder
+
+RUN apt-get update && apt-get install -y git autoconf automake libtool make \
+ libreadline-dev texinfo libjson-c-dev pkg-config bison flex python3-pip \
+ libc-ares-dev python3-dev python3-sphinx build-essential libsystemd-dev \
+ libsnmp-dev libcap-dev libelf-dev libpcre3-dev libpcre2-dev
+RUN pip3 install pytest
+RUN git clone https://github.com/CESNET/libyang.git
+
+RUN git clone --depth 1 --branch fuzz https://github.com/FRRouting/frr
+
+RUN git clone --depth 1 https://github.com/qlyoung/corpi
+COPY build.sh $SRC
+WORKDIR $SRC/frr
diff --git a/projects/frr/build.sh b/projects/frr/build.sh
new file mode 100755
index 000000000..ad1584e47
--- /dev/null
+++ b/projects/frr/build.sh
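Review bot: The libyang clone on the `RUN git clone https://github.com/CESNET/libyang.git` line is unpinned (no `--depth`, `--branch` or commit), so each image build compiles whatever libyang's default branch is at that moment, while build.sh in the same commit hard-codes the `libyang.so.2` soname; an upstream major bump or API change would break the FRR build with no change on the FRR side. The FRR `--branch fuzz` and the `qlyoung/corpi` seed-corpus clone are likewise mutable refs from a personal branch and repository, which is a supply-chain exposure for a build that runs under a Google-owned image. Pin libyang to the tag the fuzz branch is known to build against, e.g. `RUN git clone --depth 1 --branch <libyang-tag> https://github.com/CESNET/libyang.git` (I can't tell from here which tag that is), and consider pinning the corpus repo to a commit as well.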
@@ -0,0 +1,63 @@
+#!/bin/bash -eu
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+################################################################################
+
+
+function copy_lib
+ {
+ local fuzzer_path=$1
+ local lib=$2
+ cp $(ldd ${fuzzer_path} | grep "${lib}" | awk '{ print $3 }') ${OUT}/lib/ || true
+ }
+
+mkdir -p $OUT/lib
+
+# build dependency
+(
+cd $SRC/libyang
+mkdir build; cd build
+cmake -DBUILD_SHARED_LIBS=OFF -DENABLE_LYD_PRIV=ON -DCMAKE_INSTALL_PREFIX:PATH=/usr \
+ -D CMAKE_BUILD_TYPE:String="Release" ..
+make -j$(nproc)
+make install
+)
+
+# build project
+export ASAN_OPTIONS=detect_leaks=0
+./bootstrap.sh
+./configure --enable-libfuzzer --enable-static --enable-static-bin --sbindir=$SRC/bin
+make -j$(nproc)
+make install
+cp ./lib/.libs/libfrr.so.0 $OUT/lib/
+cp $SRC/bin/bgpd $OUT/
+cp $SRC/bin/ospfd $OUT/
+cp $SRC/bin/pimd $OUT/
+cp $SRC/bin/zebra $OUT/
+
+# build corpus
+cd $SRC/corpi
+find . -type d -maxdepth 1 | while read i; do zip -j $OUT/"$i"_seed_corpus.zip "$i"/*; done
+
+find $OUT -maxdepth 1 -type f -executable | while read i; do
+ grep "LLVMFuzzerTestOneInput" ${i} > /dev/null 2>&1 || continue
+ patchelf --set-rpath '$ORIGIN/lib' ${i}
+ copy_lib ${i} libpcre2
+ copy_lib ${i} libyang
+ copy_lib ${i} libelf
+ copy_lib ${i} libjson-c
+done
+
+patchelf --remove-needed libpcre2-8.so.0 $OUT/lib/libyang.so.2
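Review bot: `copy_lib` hides every failure behind `|| true`, including the case where `grep "${lib}"` matches nothing and `cp` is then invoked with only `${OUT}/lib/` as an argument, so a fuzzer that genuinely needs a library that was not copied is only discovered when the binary fails to load on ClusterFuzz rather than at build time. Extracting the resolved path first and skipping only when it is empty keeps the best-effort behaviour for statically linked libraries while letting a real `cp` error surface under `bash -eu`. Worth confirming in the same hunk: libyang is configured with `-DBUILD_SHARED_LIBS=OFF`, yet the last line runs `patchelf --remove-needed libpcre2-8.so.0 $OUT/lib/libyang.so.2`; if that configuration yields only a static archive and nothing else puts `libyang.so.2` in `$OUT/lib`, that final line aborts the whole build. Minor: `mkdir build; cd build` chains with `;` rather than `&&`, although `-e` does abort on the failed `cd`.
```shell
function copy_lib
 {
 local fuzzer_path=$1
 local lib=$2
 local path
 # Resolved path of the first DT_NEEDED entry matching ${lib}; empty when the
 # fuzzer is not dynamically linked against it, which is the only case we skip.
 path=$(ldd "${fuzzer_path}" | awk -v lib="${lib}" '$1 ~ lib { print $3; exit }')
 if [ -n "${path}" ]; then
 cp "${path}" "${OUT}/lib/"
 fi
 }
# … unchanged: libyang build, FRR configure/make, corpus zip, rpath loop …
```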
diff --git a/projects/frr/project.yaml b/projects/frr/project.yaml
new file mode 100644
index 000000000..d9ac859cd
--- /dev/null
+++ b/projects/frr/project.yaml
@@ -0,0 +1,8 @@
+homepage: "https://frrouting.org"
+language: c++
+primary_contact: "security@lists.frrouting.org"
+auto_ccs:
+- "qlyoung@qlyoung.net"
+fuzzing_engines:
+ - libfuzzer
+main_repo: 'https://github.com/FRRouting/frr'
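Review bot: `primary_contact: "security@lists.frrouting.org"` is a mailing-list address; as far as I recall, OSS-Fuzz uses `primary_contact` and `auto_ccs` to grant access to the restricted bug tracker and ClusterFuzz crash details and expects an account that can log in, so the list would get notifications but not the private reproducer, leaving the single `auto_ccs` entry as the only person with access. Worth confirming against the OSS-Fuzz new-project checklist before merging, and adding a second maintainer account if so. Separately, if the fuzzed codebase is C rather than C++, `language: c` is the more accurate value, though I believe the build treatment is the same either way.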